]> git.proxmox.com Git - mirror_edk2.git/blobdiff - OvmfPkg/OvmfPkgIa32.dsc
projects / mirror_edk2.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
OvmfPkg: inherit Image Verification Policy defaults from SecurityPkg
[mirror_edk2.git] / OvmfPkg / OvmfPkgIa32.dsc
diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 94604653a9b1fdb9905cd5d58988b2392325ac06..9d53adc908fd0e992e0a265fe284fb040070cb87 100644 (file)
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -311,6 +311,7 @@
 !ifdef $(SOURCE_DEBUG_ENABLE)\r
   DebugAgentLib|SourceLevelDebugPkg/Library/DebugAgent/SmmDebugAgentLib.inf\r
 !endif\r
+  BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf\r
 \r
 [LibraryClasses.common.SMM_CORE]\r
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf\r
@@ -380,13 +381,6 @@
   gUefiCpuPkgTokenSpaceGuid.PcdCpuSmmApSyncTimeout|100000\r
 !endif\r
 \r
-!if $(SECURE_BOOT_ENABLE) == TRUE\r
-  # override the default values from SecurityPkg to ensure images from all sources are verified in secure boot\r
-  gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04\r
-  gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x04\r
-  gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x04\r
-!endif\r
-\r
   # IRQs 5, 9, 10, 11 are level-triggered\r
   gPcAtChipsetPkgTokenSpaceGuid.Pcd8259LegacyModeEdgeLevel|0x0E20\r
 \r
@@ -518,19 +512,9 @@
   OvmfPkg/VirtioPciDeviceDxe/VirtioPciDeviceDxe.inf\r
   OvmfPkg/VirtioBlkDxe/VirtioBlk.inf\r
   OvmfPkg/VirtioScsiDxe/VirtioScsi.inf\r
-  OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf\r
   OvmfPkg/XenIoPciDxe/XenIoPciDxe.inf\r
   OvmfPkg/XenBusDxe/XenBusDxe.inf\r
   OvmfPkg/XenPvBlkDxe/XenPvBlkDxe.inf\r
-  OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf {\r
-    <LibraryClasses>\r
-      PlatformFvbLib|OvmfPkg/Library/EmuVariableFvbLib/EmuVariableFvbLib.inf\r
-  }\r
-  MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf\r
-  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf {\r
-    <LibraryClasses>\r
-      NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf\r
-  }\r
   MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf\r
   MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf\r
   MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf\r
@@ -711,4 +695,31 @@
       SmmCpuPlatformHookLib|UefiCpuPkg/Library/SmmCpuPlatformHookLibNull/SmmCpuPlatformHookLibNull.inf\r
       SmmCpuFeaturesLib|OvmfPkg/Library/SmmCpuFeaturesLib/SmmCpuFeaturesLib.inf\r
   }\r
+\r
+  #\r
+  # Variable driver stack (SMM)\r
+  #\r
+  OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf\r
+  MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf\r
+  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {\r
+    <LibraryClasses>\r
+      NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf\r
+  }\r
+  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf\r
+\r
+!else\r
+\r
+  #\r
+  # Variable driver stack (non-SMM)\r
+  #\r
+  OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf\r
+  OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf {\r
+    <LibraryClasses>\r
+      PlatformFvbLib|OvmfPkg/Library/EmuVariableFvbLib/EmuVariableFvbLib.inf\r
+  }\r
+  MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteDxe.inf\r
+  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf {\r
+    <LibraryClasses>\r
+      NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf\r
+  }\r
 !endif\r
EFI Development Kit II mirror for PVE